Cover: Securing U.S. Elections Against Cyber Threats

Securing U.S. Elections Against Cyber Threats

Considerations for Supply Chain Risk Management

Published Sep 22, 2020

by Quentin E. Hodgson, Marygail K. Brauner, Edward W. Chan

Download eBook for Free

FormatFile SizeNotes
PDF file 0.4 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

The cybersecurity of election systems has long been a central focus of election officials and the federal government, starting with the passage of the Help America Vote Act in 2002 and, more recently, in 2017 with the designation of elections as a critical infrastructure subsector. Federal partners in the Cybersecurity and Infrastructure Security Agency, the U.S. Election Assistance Commission, and the National Institute of Standards and Technology are supporting the election community, including election officials and vendors, to improve cybersecurity. More recently, this focus has expanded to concerns about the supply chain of components that are integral to election system equipment. This concern for the cybersecurity of supply chains is found throughout industry as organizations strive to protect their equipment and customers from cyber threats.

In this Perspective, RAND Corporation researchers lay out the considerations for securing election system supply chains against cyber threats and how the federal government can partner with state and local officials and the vendor community to understand where risk lies in the supply chain. The Perspective discusses how existing tools and approaches can be adapted and used to facilitate cyber supply chain risk management. It should be of interest to federal, state, and local election officials who will manage their relationships with the manufacturers of election equipment; to manufacturers that will, in turn, manage their relationships with their suppliers; and to those developing tools for mapping supply chains and assessing supply chain risk.

This research was conducted within the Strategy, Policy and Operations Program of the RAND Homeland Security Research Division.

This commentary is part of the RAND expert insight series. RAND Expert Insights present perspectives on timely policy issues. All RAND Expert Insights undergo peer review to ensure high standards for quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit

RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.